CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-2509

Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.4%

CVSS Severity

CVSS v3 Score 7.8

References

https://issues.chromium.org/issues/b/385851796
https://issuetracker.google.com/issues/385851796

Products affected by CVE-2025-2509

Google » Chrome Os » Version: 16093.57.0

cpe:2.3:o:google:chrome_os:16093.57.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-2509

Products

Pricing

Contact Us